Sandcastle – AWS S3 Bucket Enumeration Tool

Sandcastle – AWS S3 Bucket Enumeration Tool

Sandcastle is a Python-based Amazon AWS S3 Bucket Enumeration Tool, formerly known as bucketCrawler. The script takes a target’s name as the stem argument (e.g. shopify) and iterates through a file of bucket name permutations.

Amazon S3 [Simple Storage Service] is cloud storage for the Internet. To upload your data (photos, videos, documents etc.), you first create a bucket in one of the AWS Regions. You can then upload any number of objects to the bucket.

Read the rest of Sandcastle – AWS S3 Bucket Enumeration Tool now! Only available at Darknet.

Microsoft RCE Vulnerabilities Affecting Windows, Windows Server

Original release date: March 23, 2020

Microsoft has released a security advisory to address remote code execution vulnerabilities in Adobe Type Manager Library affecting all currently supported versions of Windows and Windows Server operating systems. A remote attacker can exploit these vulnerabilities to take control of an affected system. Microsoft is aware of limited, targeted attacks exploiting these vulnerabilities in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft Advisory ADV200006 and the CERT Coordination Center (CERT/CC) Vulnerability Note VU#354840 for more information and apply the necessary mitigations until patches are made available.

This product is provided subject to this Notification and this Privacy & Use policy.

Drupal Releases Security Updates

Original release date: March 19, 2020

Drupal has released security updates to address vulnerabilities affecting Drupal 8.7.x and 8.8.x. An attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Drupal security release and apply the necessary updates or mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

Cisco Releases Security Updates for SD-WAN Solution Software

Original release date: March 19, 2020

Cisco has released security updates to address multiple vulnerabilities in SD-WAN Solution software. An attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories webpage.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.